This PR ensure that nexus-repository-pypi provide the "data-requires-python" when necessary.

It fix: https://issues.sonatype.org/browse/NEXUS-18117 https://issues.sonatype.org/browse/NEXUS-21150

Per PEP-503 specification:

A repository MAY include a data-requires-python attribute on a file link. This exposes the Requires-Python metadata field, specified in PEP 345, for the corresponding release. Where this is present, installer tools SHOULD ignore the download when installing to a Python version that doesn't satisfy the requirement.

Without this attributes, Nexus would allow pip to install packages incompatible with the current python environment. Since multiples packages are dropping support for python-2 in favor of python-3, this attribute is very important for clients who still manage python-2 environments.

A good example, is the pytest package which dropped support for python-3 in it's 5.0.0 release.

Here's the link from PyPi:

<a href="https://files.pythonhosted.org/packages/b7/a9/e64eae45880d383120ef258e23136c74ecd0757ecae84491b578eabaa562/pytest-5.0.0.tar.gz#sha256=95b700cf21ed5b7e91bce7a6b5a573b2e3ef7b3643d00f681d8f9c4672f9fbdf" data-requires-python=">=3.5">pytest-5.0.0.tar.gz</a><br/>

Here's the link on a Nexus server with the bug:

<a href="../../packages/b7/a9/e64eae45880d383120ef258e23136c74ecd0757ecae84491b578eabaa562/pytest-5.0.0.tar.gz#sha256=95b700cf21ed5b7e91bce7a6b5a573b2e3ef7b3643d00f681d8f9c4672f9fbdf" rel="internal">pytest-5.0.0.tar.gz</a><br/>

And here's the link on a Nexus server with the fix:

<a href="../../packages/b7/a9/e64eae45880d383120ef258e23136c74ecd0757ecae84491b578eabaa562/pytest-5.0.0.tar.gz#sha256=95b700cf21ed5b7e91bce7a6b5a573b2e3ef7b3643d00f681d8f9c4672f9fbdf" rel="internal" data-requires-python=">=3.5">pytest-5.0.0.tar.gz</a><br/>

I hope this help! Let me know if you would like changes.

Resolves https://issues.sonatype.org/browse/NEXUS-24019

AWS EKS supports a built-in system for assigning IAM roles to pods, which requires the application running in said pod to be able to use sts:AssumeRoleWithWebIdentity method to assume the role specified in the service account annotation. This is useful for seamless nexus compatibility with AWS EKS.

https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts-minimum-sdk.html

AWS SDK supports it out of the box starting with version 1.11.704

This change is related to NEXUS-17645.

Even when you try to create a S3 storage - backed by minio - saying "Expiration Days" disabled

How many days until deleted blobs are finally removed from the S3 bucket (-1 to disable)

the creation of the blob stores still fails, because it tries to delete the bucket lifecycle configuration also there is none.

This would make it possible again to use minio as s3 blob storage (in combination with https://github.com/sonatype/nexus-public/pull/55)

This change adds scope support for npm repositories and also replaces metadata store from Orient to repo LS. No migration path present, hence is usable for new deploys only.

ITs and tests updated.

Changes:

• sisu bump to 0.3.3
• guice bump/change to google 4.0
• smaller code changes (deprecated/removed method use and https://github.com/google/guice/issues/618 related)

This PR updates Sisu and Guice (to "vanilla" Guice), and hence, among other improvements makes possible to use Plugins developed using Java8 target (Sisu 0.2.x is unable to scan Java8 bytecode).

Authentication is part of of HTTP client configuration, not connection settings.

Creating/Updating proxy with authentication via the REST API ignore the settings.

As there is already max lines and max line length checks (that implicitly caps the file size), hence, instead of setting two properties in future (entry count and/or file size) it is enough to increase max entry count.

Current prefix file stats: size: 101kb lines: 7258

According to the HTTP spec, a Content-Range header must start with "bytes " when using bytes as the range unit.

Some refs:

• RFC
• nginx
• apache
• docker

I hit an NPE when upgrading from 3.16 to 3.21 or 3.30. The NPE happens when upgrading a pypi repo, when the index cannot be located.

This fix simply skips deleting the index, if its not found. I have verified that this allows the upgrade to proceed in our environment.

See this bug report for more details on the issue. https://issues.sonatype.org/browse/NEXUS-27536

This change enables users to configure a path prefix for objects stored in the S3 bucket, effectively allowing multiple blob stores / repositories to share the same bucket. This can simplify bucket management significantly in cases where DevOps requires more control over buckets.

Replace Nexus 2 boot delegation "*" with packages being exported by system bundle and plugins using DynamicImport-Package.

This will allow plugins to include as dependencies different versions of libraries that are also present in nexus core.

lastDownloaded variable, declared as member of class AssetXO isn't initialised.

Which leads to 2 unwanted behavior :

• var value is always null,
• the output isn't json compliant. As lastDownloaded is also contained in Map attributes.

Jira issue : https://issues.sonatype.org/browse/NEXUS-35266

SHA256 checksums aren't added to assets in a raw-format if uploaded via the API. It does work if you upload it through the gui though. This fixes this (I hope).

See also: https://issues.sonatype.org/browse/NEXUS-20827?focusedCommentId=817066&page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#comment-817066

Trying to avoid exhaustion of CPU/RAM during CI build while building the nexus-coreui-plugin sub-module.

This article implies a possible solution: https://discuss.circleci.com/t/memory-problems-with-jest-and-workers/10297

Any thoughts on if this PR is making the change in the correct place?

If this changes appears to solve the problem, I would make the same change in the internal repo.

There is an open issue on redoc that is not allowing to download the specification when published on nexus. https://github.com/Redocly/redoc/issues/1902

Issue:

This fix fixes the downloading of generated specification from ReDoc and published on nexus as html.

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/sandbox

This adds support for S3 endpoints that do not support lifecycle policies or object tagging (such as provided by Wasabi) by simply ignoring them and logging a warning.